At the end of September 2018, Ben Azvine, Global Head of Security Research and Innovation at BT, gave a presentation, Future challenges and opportunities in cyber defence, at a Cambridge Wireless conference. While Azvine highlighted the current ongoing escalation of risks already apparent in the cybersecurity arena and the way in which these need to be addressed (BTwatch, #299), he also discussed likely evolution in the security sphere and the associated opportunities and threats.

Quantum akin to a nuclear arms race

Azvine said quantum computing will be key in future cybersecurity, enabling engineers and scientists to design new equipment at unprecedented speed. However, quantum computing presents a big threat too — if “the bad guys” acquire quantum capabilities “they could break 99% of the encryption we use today on our network”.

Estimates for a significant breakthrough in quantum computers vary wildly, from ten years to approaching fifty, but BT is participating in the race, building algorithms and mechanisms so that its networks will be prepared to address the threat.

In the summer, BT and partners announced the construction of the UK’s “first” quantum-secured, high-speed fibre network between BT Labs in Adastral Park and Cambridge University (see BTwatch #297).

IoT another Pandora’s Box

Azvine also described Internet of Things (IoT) as a huge opportunity and a challenge, and said that many people are making elementary mistakes similar to those made in the early days of IT; for instance, no patching and passwords that are hard‑coded into systems and easily accessible and hackable. Although a huge amount of work is underway on security for IoT, Azvine said in his view, it is not enough.

It is worth noting that in spring, BT Security announced it will play a “key advisory role” in the development of the UK government’s draft Code of Practice to introduce new cybersecurity and compliance measures to improve the security of IoT devices, as part of the state’s five-year, £1.9bn security initiative (see BTwatch #294).

AI to the rescue?

Azvine outlined how artificial intelligence (AI) will merit close consideration from a security perspective.

On the negative side, there is again the risk of the weaponising of the technology by bad actors. There is a further risk that the data pool AI is drawing from could be poisoned or tampered with, resulting in AI systems being trained to generate unwanted responses such as an autonomous car not recognising important road signs. Greater use of data analytics for AI also brings questions relating to user privacy, and the protection of data protection rights.

More positively, though, AI could be a powerful tool in detecting and predicting attacks.

Cognitive AI to merge with human mind for the bigger picture

Azvine said that over the last eight years, BT has been among a group of companies putting massive efforts into investigating how to use AI in cyberdefence systems, to protect against and predict attacks.

A clear finding of this work has been that AI will still need to be paired with human intelligence, and Azvine suggested that instead of fully automating processes, tools should be developed to augment and integrate the respective strengths of humans and machines. To facilitate human interaction with AI machines, BT is focusing on interactive visual analytics. Through this approach, people should be able to extract salient information from volumes of data to address threats using a range of visual techniques.

AI‑based systems (Azvine identified programmes called Saturn, Nexus and Tardis) are said to visually represent data in a way that spotlights irregularities based on what they have learned to recognise as normal behaviour. The human analyst is then able to consider unusual behaviour and investigate further drawing on their own knowledge and experience. “Our strategy is for human knowledge to drive the machine-based system and teach it,” said Azvine.

Another key element of the AI development is the creation of interactive systems that people without a data science or similar background can use to make decisions.

“We want devices that you can connect to an ordinary computer and manipulate with your fingers, and to have groups of people collaborating on interactive AI systems to identify anomalies. ” —Azvine.

Virtual operations centres planned for speed and efficiency

Azvine outlined BT’s international security capabilities, noting it has 16 operations centres around the world from which it can launch investigations on issues anywhere on its global network.

However, this set‑up is expensive to configure and operate, and the telco is looking at using AI and virtual reality to create more flexible and responsive virtual ‘war rooms’ that can be established and staffed with appropriate expertise and capabilities quickly. These can be set up in minutes and access information from anywhere in the world, pulling in expertise for an investigation. The costs for working this way are much lower and the virtual war room can be shut down as soon as the investigation is over.